Charging SaaS customers using AWS API Gateway
Keys are used to provide access to specific locks. Before we can talk about keys, let's make sure we know how to create a lock using AWS API Gateway. My earlier tutorial will show you how to create a lock using CORS and Headers.
API Keys
API Keys are used to track usage by Group or Organization. They're great for accounting purposes, as a way of keeping a record of who is using your service. They're not very hard to use, but there is a 4-step process to get started.
Process
The steps to create an API access key include:
- Create a key from the API Dashboard
- Create a usage plan using the API Dashboard
- Link your API stage to a usage plan.
- Link your API key to a usage plan.
- Enter the IAM role that has access to write data to CloudWatch
Step 1 - Create an API Key
Using the process above, step one consists of creating an API key.
Step 2 - Create a usage plan
Usage plans are designed to help you, the API administrator, understand which of your clients is using your API and how much of it. This is especially helpful if you are planning to sell your API service within the AWS Marketplace.
Step 3 - Link your API stage to the usage plan
This step is about associating an API stage to a usage plan.
Step 4 - Subscribe API key to usage plan
This step focuses on associating an API key to a usage plan for monitoring and account reconciliation.
Step 5 - Associate an API key to an HTTP Method
There are a few good reasons for this. For example, suppose you are an API administrator with 9 available methods: 3 methods are available to the open web, 3 are available to "bronze plan" subscribers and 3 more are available to "gold plan" subscribers. As an API administrator, one way to keep things organized is by associating specific API keys to specific methods.
Note: This probably isn't a scalable solution but you get the point.
You associate API keys to methods through the Method Request.
Once you've clicked the Method Request of an HTTP verb, you can set API Key Required to true.
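With several methods split between open and key-protected access, it is easy to miss the API Key Required setting on one of them or to leave a usage plan without a linked stage. The following is an added example, not code from the original tutorial: an offline audit over data shaped like the API Gateway `get_resources` (with methods embedded) and `get_usage_plans` responses. The paths, plan names, API id and the `PUBLIC` allowlist are constructed assumptions.

```python
# Added example: audit API Key Required (Step 5) and stage links (Step 3).
# Input shapes mirror boto3 apigateway get_resources(embed=["methods"]) and
# get_usage_plans(); all values below are constructed sample data.

RESOURCES = [
    {"path": "/status", "resourceMethods": {"GET": {"apiKeyRequired": False}}},
    {"path": "/reports", "resourceMethods": {
        "GET": {"apiKeyRequired": True},
        "POST": {"apiKeyRequired": False},     # setting missed on this verb
        "OPTIONS": {"apiKeyRequired": False},  # CORS preflight
    }},
    {"path": "/exports", "resourceMethods": {"GET": {"apiKeyRequired": True}}},
]
USAGE_PLANS = [
    {"name": "bronze", "apiStages": [{"apiId": "abc123", "stage": "prod"}],
     "throttle": {"rateLimit": 10.0, "burstLimit": 20}},
    {"name": "gold", "apiStages": [],          # Step 3 was never done
     "quota": {"limit": 100000, "period": "MONTH"}},
]
PUBLIC = {("GET", "/status")}  # assumption: methods meant for the open web


def unprotected_methods(resources, public, skip=("OPTIONS",)):
    """Return (verb, path) pairs that accept calls without an API key but
    are not on the public allowlist. OPTIONS is skipped because browsers
    send CORS preflight requests without custom headers such as x-api-key."""
    findings = []
    for res in resources:
        for verb, cfg in res.get("resourceMethods", {}).items():
            if verb in skip or (verb, res["path"]) in public:
                continue
            if not cfg.get("apiKeyRequired", False):
                findings.append((verb, res["path"]))
    return sorted(findings)


def plan_gaps(plans, api_id, stage):
    """Return (unlinked, unlimited): plans not linked to the given stage,
    and plans that define neither a throttle nor a quota."""
    unlinked, unlimited = [], []
    for plan in plans:
        linked = {(s["apiId"], s["stage"]) for s in plan.get("apiStages", [])}
        if (api_id, stage) not in linked:
            unlinked.append(plan["name"])
        if not plan.get("throttle") and not plan.get("quota"):
            unlimited.append(plan["name"])
    return unlinked, unlimited
```

Against a live account, the same lists can be taken from the `items` field of boto3's `get_resources(restApiId=..., embed=["methods"])` and `get_usage_plans()` responses.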